Carly Kind’s Post

Australian Privacy Commissioner

For 6 years, the OAIC has been publishing periodic reports on operation of the Notifiable Data Breaches scheme established by the Privacy Act. We're changing up our approach to this reporting, and today we're publishing an edition which includes the key statistics but also goes into some detail about the kinds of risks we see emerging in the data breach trends, and our expectations about what steps it is reasonable for entities to take to secure personal information from such risks. The report covers ✔ Some of the specific technical and governance measures entities should implement to secure personal information ✔ Guidance on what a strong supplier risk management framework looks like, in order to minimise supply chain risks of data breaches ✔ Scenarios canvassing common failings we're seeing, such as the misconfiguration of cloud service security settings

Office of the Australian Information Commissioner

13,920 followers

We’ve released our Notifiable data breaches report for January to June 2024. The report includes statistics on data breaches notified to the OAIC and shines a spotlight on key themes and issues. Privacy Commissioner Carly Kind said in her foreword: ‘After 6 years of the NDB scheme, we expect entities to comply with their obligations. It is no longer acceptable for privacy to be an afterthought; entities need to be taking a privacy-centric approach in everything they do.’ 📰 Media release: https://lnkd.in/eVPNF7bz 📘 Report: https://lnkd.in/eAfqxhJA #DataBreach #DataBreaches

2 Comments

🛡️🚘 Andrea Amico

@Privacy4Cars founder. Driving Privacy through transparency, data protection, and real consent. Multiple patents and creator of first app-driven process to delete PI from cars and of VehiclePrivacyReport.com

Keep up the good work, Carly Kind and Office of the Australian Information Commissioner. At IAPP Global I heard you say you were passionate about #vehicle #privacy. Since they are unreported, here are the rough #databreach stats for #Australia: 2+ million used cars sold per year, 4 out of 5 contain PI = 1.6 million families have their data disclosed per year (home address, garage codes, text messages, etc.) Rentals and fleets are on top. Why? Simply because companies do not treat cars like other electronic devices under their device management & data disposal policies (they should).

Kate Bower

Consumer advocate fighting for Australian's consumer rights in data and digital markets, including privacy reform and fair and safe AI.

I love this new format with deeper insights and a focus on uplifting compliance through proactive action by entities. Plus one for stronger enforcement. Great work Office of the Australian Information Commissioner team!

5 Reactions

See more comments

To view or add a comment, sign in

More Relevant Posts

Carly Kind

Australian Privacy Commissioner
2d
Report this post
Last week the Attorney-General announced the introduction of the first tranche of the long-awaited Privacy Act reforms. Here, in the first instalment of a blog series delving into the most significant components of the proposed reforms, my colleague Rebecca Brown explores the proposed Children's Online Privacy Code. https://lnkd.in/e-_Mf8Ba

Better privacy protections for children are coming

oaic.gov.au

3 Comments
Like Comment
To view or add a comment, sign in
Carly Kind

Australian Privacy Commissioner
2w
Report this post
Delighted to announce the launch of the Office of the Australian Information Commissioner blog! I see this channel as a key mechanism for increasing the transparency and visibility of our work in privacy and information access, for sharing additional insights related to our enforcement decisions, and for exploring emerging issues and trends. Our first post is by Sarah Ghali on our ongoing work in relation to Arca's application to vary the Credit Reporting Code: https://lnkd.in/eh-KAJyC

Blog

oaic.gov.au

9 Comments
Like Comment
To view or add a comment, sign in
Carly Kind

Australian Privacy Commissioner
1mo
Report this post
A hugely stimulating discussion with Creina Chapman GAICD, Gina Cass-Gottlieb and Julie Inman - Grant and our colleagues on the challenges and opportunities we face in regulating digital platforms. Given the immense task underway, this kind of cooperation is critical to ensure effective regulation in this space.
Office of the Australian Information Commissioner

13,920 followers
1mo

The 4 members of the Digital Platform Regulators Forum (DP-REG) – the OAIC, ACCC, Australian Communications and Media Authority (ACMA) and eSafety Commissioner – met last week. Members reflected on activities over the past financial year, which are summarised in a yearly wrap up released today: https://lnkd.in/g9MwCCvE We agreed to goals that guide the purpose, direction and objectives of DP-REG: - to build capacity - to promote regulatory coherence - to respond to emerging risks and opportunities. DP-REG members have also agreed on strategic priorities for 2024–26 to progress these goals with a view towards ensuring Australia’s digital economy is a safe, trusted, fair, innovative and competitive space. Read more: https://lnkd.in/ggqMG6FH
1 Comment
Like Comment
To view or add a comment, sign in
Carly Kind

Australian Privacy Commissioner
2mo
Report this post
Increasingly, people are being asked to pay for their privacy. Subscription services that withhold targeted ads in exchange for payment may seem appealing at first, but the premise that underpins them - that you should have to pay for the privilege of not having your personal information analysed - is really problematic (as the European Data Protection Board recently concluded in an important opinion: https://lnkd.in/e4nFN-Sw). But Australians also pay for privacy in another way - with their time. Important research from Consumer Policy Research Centre shows just how much it costs us to manage our privacy, read privacy policies (14 hours), and change default settings (30 mins) on a daily basis. For more than a third of sites and apps surveyed in the research, the option to adjust privacy settings was simply absent (37%). This research underpins a really important point - it is not that people don't care about their privacy, but that they frequently don't feel that they have any agency to control who has what information about them and how it is used. In the words of the CPRC report, "privacy cannot be an accountability that rests solely on the shoulders of individual Australians." https://lnkd.in/e6CfRpFk

The cost of managing your privacy - CPRC

https://cprc.org.au

17 Comments
Like Comment
To view or add a comment, sign in
Carly Kind

Australian Privacy Commissioner
2mo
Report this post
Honoured to have had the chance to sit down a talk privacy (my favourite topic) with Johanna Weaver Tech Policy Design Centre. Slightly regretful about invoking Marie Antoinette, however - I'm hoping the similarities between us begin and end with cake!
Tech Policy Design Centre

3,021 followers
2mo Edited

🎉 #TechMirror is back! And who better to kick off this season than Commissioner Carly Kind, Australia’s newly appointed Privacy Commissioner. Commissioner Kind and TPDC Director, Professor Johanna Weaver, traverse: - 💪what motivated the Commissioner to accept the role (hint: it’s an exciting time for privacy in Australia) - how the reinstated role of the Privacy Commissioner works within the broader Office of the Australian Information Commissioner - 💫Commissioner Kind’s hopes for the privacy reform package to be introduced in parliament in August - the role of OAIC as the privacy regulator of Digital Identity - the importance of protecting biometric data, including facial recognition - the process and outcome of OAIC’s TikTok inquiry, and Commissioner Kind’s ongoing concerns about pixel tracking - 🤖privacy and Artificial Intelligence (of course); and - the importance of privacy as a check and balance on power.
1 Comment
Like Comment
To view or add a comment, sign in
Carly Kind

Australian Privacy Commissioner
2mo
Report this post
As Maslow's hammer dictates, when you're the Privacy Commissioner, everything looks like a privacy problem. Much of the Australian news discourse is currently preoccupied with real public concern at harmful developments in online platforms - from misogynistic content and deepnude apps targeted at young men, to scams designed to catch out older internet users - yet rarely is the connection made between the worst features of the online ecosystem and the privacy-invasive business model which enables them. Today alone I read about Andrew Forrest's attempt to bring accountability to Meta's algorithmic amplification of scams (https://lnkd.in/e5sp7f6g), the emergence of deepnude apps being used across Australian schools (https://lnkd.in/eyUcGUSW) and the growing prevalence of 'misogynistic radicalisation' (https://lnkd.in/eHEjs7St). Yes, we need better education for young people and parents and older people in the critical consumption of online content. But we also need stronger privacy laws, robust enforcement of existing ones, and global collaboration and leadership to tackle the cross-jurisdictional and ecosystem-level harms of the data economy. As Lizzie O'Shea and Samantha Floreani argued in this excellent op ed from April 2024, "The underlying business model is rotten, and that ought to be the focus of our attention." https://lnkd.in/eumgriCY

7 Comments
Like Comment
To view or add a comment, sign in

3,710 followers

View Profile Follow

Carly Kind’s Post

More from this author

Cybersecurity Policy for Human Rights Defenders

The snooper’s charter shows the government’s total contempt for privacy

Explore topics